Access Agreement Sample

A model of the data access agreement is provided below. The presentation and text example are provided as a guide and must be adapted to the specifics of each set of systems/data. When my employment ends at university or my professional responsibility no longer requires access to the data or the extent of the required access changes, I have a shared responsibility with the Data Proprietor to ensure that my access to the system is properly revoked or changed. If my access is not changed in time, they will notify the data owner. Designation of data sensitivity. The data [registration name] in [system name] is classified as UC P1-P4 (formerly UCB PL0-PL3) and data protection is established accordingly. I agree to preserve the quality and integrity of the information I access and to protect the privacy of the personal data of someone I access. (Example of a UC P2/P3 (formerly UCB PL1) System in which users enter and edit records:)I recognize that Berkeley must have strict control over access to personal data that associates a person`s name or initials with: Incomplete and inconsistent formal agreements on terms and conditions can lead to the negligence of employees and contractors in processing and distributing sensitive data. The purpose of the data access agreement is to define the conditions under which users have access to the data indicated and to obtain an express acceptance of these conditions by a user before he or she has access to the data. Resources must establish data access agreements that define appropriate use and access to covered data, as well as procedures for granting authorization for exemptions from restrictions. Identify the data owner (by name and/or roll) and identify the data to be accessed.

Capture or provide (depending on the connection) the user`s name and location and the responsibility that requires access to the registration. I agree with the terms of this data access agreement. Notification to users of MSSEI security requirements for individual devices: I will seek permission from Data Proprietor before transferring data from the [name of the system] to a person who has not accepted the terms of this data access agreement. Data protection in this system is subject to the following laws, policies and regulations: — intentional and authorized use of data. I agree to use [system name] only for legitimate business purposes, which limits my use to my pre-professional duties. Secondary memory/systems should not be created from the data [system name] without the prior permission of the data owner and the registration and approval of the secondary memory/system with the IOC Office. and will not enter this data or any other level of data protection 2 into the system [system name]. Links to other relevant documentation, z.B. Minimum Security Standard for Electronic Information (MSSEI)Minimum Security Standard for Networked Devices (MSSND) Berkeley Data Classification StandardData Protection Profiles.